Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Resource Certification Robert Loomans February 2, 2007.

Published byClement Gardner Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Resource Certification Robert Loomans February 2, 2007."— Presentation transcript:

1 1 Resource Certification Robert Loomans February 2, 2007

2 2 Resource Certification Aim to provide trust injection for secure routing Allow assertion of rights to IP and AS resources and checking those assertions

3 3 Code Wiki –http://mirin.apnic.net/resourcecerts/wiki/http://mirin.apnic.net/resourcecerts/wiki/ Modifications to OpenSSL. –Funded by ARIN –Done by Rob Austein from ISC –http://subvert-rpki.hactrn.net/openssl/http://subvert-rpki.hactrn.net/openssl/ –Also accepted into OpenSSL CVS and slated for 0.9.9 CARA –RA and CA implementation –Developed by the RIPE-NCC

4 4 Standards IETF SIDR WG drafts –Certificate policy http://www.ietf.org/internet-drafts/draft-ietf-sidr-cp- 00.txthttp://www.ietf.org/internet-drafts/draft-ietf-sidr-cp- 00.txt Derived from RFC3280 and RFC3779 –Template for Certification Practice Statement for RIRs, NIRs, etc http://www.ietf.org/internet-drafts/draft-ietf-sidr-cps- irs-00.txthttp://www.ietf.org/internet-drafts/draft-ietf-sidr-cps- irs-00.txt

5 5 Protocols Registry  ISP ISP  Customer

Download ppt "1 Resource Certification Robert Loomans February 2, 2007."

Similar presentations

A Threat Model for BGPSEC

A Threat Model for BGPSEC
Internet Resource Policy Evaluation Process. facilitates the advancement of the Internet through information and educational outreach allocates Internet.

Internet Resource Policy Evaluation Process. facilitates the advancement of the Internet through information and educational outreach allocates Internet.
A Threat Model for BGPSEC Steve Kent BBN Technologies.

A Threat Model for BGPSEC Steve Kent BBN Technologies.
RPKI Standards Activity Geoff Huston APNIC February 2010.

RPKI Standards Activity Geoff Huston APNIC February 2010.
Update on Resource Certification Geoff Huston, APNIC Mark Kosters, ARIN SSAC Meeting, March 2008.

Update on Resource Certification Geoff Huston, APNIC Mark Kosters, ARIN SSAC Meeting, March 2008.
An Operational Perspective on BGP Security Geoff Huston February 2005.

An Operational Perspective on BGP Security Geoff Huston February 2005.
A Profile for Trust Anchor Material for the Resource Certificate PKI Geoff Huston SIDR WG IETF 74.

A Profile for Trust Anchor Material for the Resource Certificate PKI Geoff Huston SIDR WG IETF 74.
Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 70.

Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 70.
The Role of a Registry Certificate Authority Some Steps towards Improving the Resiliency of the Internet Routing System: The Role of a Registry Certificate.

The Role of a Registry Certificate Authority Some Steps towards Improving the Resiliency of the Internet Routing System: The Role of a Registry Certificate.
RPSLng, CRISP / Whois update Database SIG APNIC19 24 February 2005, Kyoto, Japan.

RPSLng, CRISP / Whois update Database SIG APNIC19 24 February 2005, Kyoto, Japan.
Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 1 RIPE NCC Certification Task Force Update Presented by Nigel Titley RIPE NCC.

Nigel Titley. RIPE 54, 9 May 2007, Tallinn, Estonia. 1 RIPE NCC Certification Task Force Update Presented by Nigel Titley RIPE NCC.
CS 145A Case Study: Simplified BGP Finite State Machine Netlab.caltech.edu/course.

CS 145A Case Study: Simplified BGP Finite State Machine Netlab.caltech.edu/course.
Route Leaks Sandra Murphy. Is This a Route Leak? To be able to detect a route leak: Given Update with AS_PATH AS1…ASn Is this a route leak?

Route Leaks Sandra Murphy. Is This a Route Leak? To be able to detect a route leak: Given Update with AS_PATH AS1…ASn Is this a route leak?
RPKI and Routing Security ICANN 44 June 2012. Today’s Routing Environment is Insecure Routing is built on mutual trust models Routing auditing requires.

RPKI and Routing Security ICANN 44 June Today’s Routing Environment is Insecure Routing is built on mutual trust models Routing auditing requires.
An Introduction to Routing Security (and RPKI Tools) Geoff Huston May 2013.

An Introduction to Routing Security (and RPKI Tools) Geoff Huston May 2013.
Validation Algorithms for a Secure Internet Routing PKI David Montana Mark Reynolds BBN Technologies.

Validation Algorithms for a Secure Internet Routing PKI David Montana Mark Reynolds BBN Technologies.
Routing Registries What are they, how do they work, and why should I care? Larry Blunk, Merit Network, Inc.The Quilt Peering Workshop, Fall 2006.

Routing Registries What are they, how do they work, and why should I care? Larry Blunk, Merit Network, Inc.The Quilt Peering Workshop, Fall 2006.
SIDR WORKING GROUP IETF 80 PRAGUE draft-manderson-sidr-geo-00.

SIDR WORKING GROUP IETF 80 PRAGUE draft-manderson-sidr-geo-00.
Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.

Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.
Paul Vixie APNIC 32 – Busan, Korea ARIN Update. 2011 Focus IPv4 Depletion & IPv6 Uptake Developing, adapting, and improving processes and procedures Working.

Paul Vixie APNIC 32 – Busan, Korea ARIN Update Focus IPv4 Depletion & IPv6 Uptake Developing, adapting, and improving processes and procedures Working.

Similar presentations

Ads by Google